Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About juhiacc
juhiacc
Explorer
Member since:
07-29-2022
09-02-2022
Community Statistics
| Posts | 7 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 07-29-2022 |
Activity Feed
- Posted Re: Discrepancy in data being pulled from DbConnect app vs the events in Splunk. on Knowledge Management. 09-01-2022 03:17 AM
- Tagged Re: Discrepancy in data being pulled from DbConnect app vs the events in Splunk. on Knowledge Management. 09-01-2022 03:17 AM
- Posted Re: Discrepancy in data being pulled from DbConnect app vs the events in Splunk. on Knowledge Management. 08-29-2022 03:46 AM
- Tagged Re: Discrepancy in data being pulled from DbConnect app vs the events in Splunk. on Knowledge Management. 08-29-2022 03:46 AM
- Posted Re: Discrepancy in data being pulled from DbConnect app vs the events in Splunk. on Knowledge Management. 08-29-2022 02:18 AM
- Tagged Re: Discrepancy in data being pulled from DbConnect app vs the events in Splunk. on Knowledge Management. 08-29-2022 02:18 AM
- Posted Re: Discrepancy in data being pulled from DbConnect app vs the events in Splunk. on Knowledge Management. 08-29-2022 12:59 AM
- Tagged Re: Discrepancy in data being pulled from DbConnect app vs the events in Splunk. on Knowledge Management. 08-29-2022 12:59 AM
- Posted Why is there a discrepancy in data being pulled from DbConnect app vs the events in Splunk? on Knowledge Management. 08-28-2022 11:33 PM
- Tagged Why is there a discrepancy in data being pulled from DbConnect app vs the events in Splunk? on Knowledge Management. 08-28-2022 11:33 PM
- Tagged Why is there a discrepancy in data being pulled from DbConnect app vs the events in Splunk? on Knowledge Management. 08-28-2022 11:33 PM
- Tagged Why is there a discrepancy in data being pulled from DbConnect app vs the events in Splunk? on Knowledge Management. 08-28-2022 11:33 PM
- Posted Which Splunk Capability allows to enable OR disable a Splunk app? on Deployment Architecture. 07-29-2022 07:04 AM
- Tagged Which Splunk Capability allows to enable OR disable a Splunk app? on Deployment Architecture. 07-29-2022 07:04 AM
- Tagged Which Splunk Capability allows to enable OR disable a Splunk app? on Deployment Architecture. 07-29-2022 07:04 AM
- Tagged Which Splunk Capability allows to enable OR disable a Splunk app? on Deployment Architecture. 07-29-2022 07:04 AM
- Tagged Which Splunk Capability allows to enable OR disable a Splunk app? on Deployment Architecture. 07-29-2022 07:04 AM
- Posted Re: How to allow app developers to disable/enable their apps? on All Apps and Add-ons. 07-29-2022 07:00 AM
Topics I've Started
09-01-2022
03:17 AM
Sure, Let me try this out and revert.
... View more
- Tags:
- dbconnect
08-29-2022
03:46 AM
Yes timestamp of splunk has been matched with the timestamp column of table and data is as old as 2021. So we have to use 'All Time' in Splunk while searching for entire data. Thus it brings in that data as well which now may no longer is been present in the table.
... View more
- Tags:
- dbconnect
08-29-2022
02:18 AM
There is no such column/field as 'action'. The problem is that the entry will be deleted from the main table if someone performs any DML, but splunk still will be having that entry as part of events. In short if table has 100 entries, we only want to see 100 entries in Splunk too at that point of time. But if after sometime table has 99 entries (1 row gets deleted) then also we want splunk to show 99 entries to us.
... View more
- Tags:
- dbconnect
08-29-2022
12:59 AM
Thanks for responding. The stats latest command will still show us the entries which no longer are in table as it got removed from the main table. For example, if there is a record -X in table at 1pm , and it got removed at 4pm from table. Splunk will still be showing it as our splunk events will be fetching everything.
... View more
- Tags:
- dbconnect
08-28-2022
11:33 PM
We have configured DBConnect data from MySQL db under some index at hourly frequency. Data is being pulled however we see that the count of Splunk events is much higher than the count of rows in its respective table. This is due to the fact that the SQL table is real-time in nature and always have the entries updating, whereas, Splunk keeps storing the entries as per the hourly execution frequency. So as a result, Splunk will have historical events too which currently is not present in SQL table. We need to counter this situation as we plan to build some analytics report on this data so it has to be true and updated in Splunk as well.
... View more
Labels
- Labels:
-
other
07-29-2022
07:04 AM
We have a Splunk app, that needs to be disabled by the users themselves as per the systems health and maintenance mode. Curious to know which role/capability in splunk is responsible for granting this level of access.
Already have revisited `edit_local_apps` capability as part of https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/Rolesandcapabilities#Add.2C_edit.2C_and_remove_capabilities_from_roles and this doesn't seems to answer the query.
Thanks
... View more
Labels
- Labels:
-
search head
07-29-2022
07:00 AM
hi @jthunnissen - Any leads on this ?
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
09-02-2022
11:45 AM
|
